diff --git a/appsec/src/extension/tags.c b/appsec/src/extension/tags.c
index 0c2c1bb2113..562fe10c11a 100644
--- a/appsec/src/extension/tags.c
+++ b/appsec/src/extension/tags.c
@@ -971,8 +971,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event_automated)
         return;
     }
 
-    zend_string *user_login;
-    zend_string *user_id;
+    zend_string *user_login = NULL;
+    zend_string *user_id = NULL;
     zend_string *anon_user_login = NULL;
     zend_string *anon_user_id = NULL;
     HashTable *metadata = NULL;
@@ -1114,8 +1114,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event_automated)
         return;
     }
 
-    zend_string *user_login;
-    zend_string *user_id;
+    zend_string *user_login = NULL;
+    zend_string *user_id = NULL;
     zend_string *anon_user_login = NULL;
     zend_string *anon_user_id = NULL;
     HashTable *metadata = NULL;
@@ -1207,7 +1207,7 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event)
         return;
     }
 
-    zend_string *user_id;
+    zend_string *user_id = NULL;
     HashTable *metadata = NULL;
     zend_bool copy_user_id = true;
     if (zend_parse_parameters(ZEND_NUM_ARGS(), "S|h", &user_id, &metadata) ==
@@ -1230,6 +1230,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event)
     _user_event_triggered = true;
     zend_array *meta_ht = Z_ARRVAL_P(meta);
 
+    dd_find_and_apply_verdict_for_user(user_id);
+
     // usr.id = <user_id>
     _add_new_zstr_to_meta(
         meta_ht, _dd_tag_user_id, user_id, copy_user_id, true);
@@ -1262,8 +1264,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event_automated)
         return;
     }
 
-    zend_string *user_login;
-    zend_string *user_id;
+    zend_string *user_login = NULL;
+    zend_string *user_id = NULL;
     zend_string *anon_user_login = NULL;
     zend_string *anon_user_id = NULL;
     zend_bool exists;
@@ -1360,8 +1362,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event)
         return;
     }
 
-    zend_string *user_id;
-    zend_bool exists;
+    zend_string *user_id = NULL;
+    zend_bool exists = NULL;
     HashTable *metadata = NULL;
     if (zend_parse_parameters(
             ZEND_NUM_ARGS(), "Sb|h", &user_id, &exists, &metadata) == FAILURE) {
diff --git a/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy b/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy
index 3e7a22454a1..de828459444 100644
--- a/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy
+++ b/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy
@@ -69,9 +69,6 @@ trait CommonTests {
         assert span.meta."_dd.appsec.usr.id" == 'Admin'
         assert span.meta."_dd.appsec.usr.login" == 'Login'
         assert span.meta."appsec.events.users.login.success.track" == 'true'
-        assert span.meta."appsec.events.users.login.success.email" == 'jean.example@example.com'
-        assert span.meta."appsec.events.users.login.success.session_id" == '987654321'
-        assert span.meta."appsec.events.users.login.success.role" == 'admin'
     }
 
     @Test
@@ -104,9 +101,6 @@ trait CommonTests {
         assert span.meta."appsec.events.users.login.failure.usr.login" == 'Login'
         assert span.meta."appsec.events.users.login.failure.usr.exists" == 'false'
         assert span.meta."appsec.events.users.login.failure.track" == 'true'
-        assert span.meta."appsec.events.users.login.failure.email" == 'jean.example@example.com'
-        assert span.meta."appsec.events.users.login.failure.session_id" == '987654321'
-        assert span.meta."appsec.events.users.login.failure.role" == 'admin'
     }
 
     @Test